[syslog-ng]syslog-ng messages sent to outside prog

Nate Campi nate@campin.net
Mon, 5 Nov 2001 23:50:15 -0800 

On Mon, Nov 05, 2001 at 03:03:15PM -0800, Nate Campi wrote:
> 
> I just setup sqlsyslogd to output to a mysql database from a program()
> destination, and it prepends the <29> to the messages sent there as
> well. 

I've been inputting logs into the database all day now, and I see that
many different priorities are reported. The problem is that some
prioritites are single digit (i.e. <6>) while others are double digit
(i.e. <29>), messing up my C prog which parses the syslog messages. It
counts on the timestamp portion being a certain number of characters.

I found this in afprogram.c:

  if (self->dest)
                  A_WRITE_STRING(&self->dest->buffer->super,
                                 c_format("<%i>%S %S %S\n",
                                          msg->pri,
                                          msg->date,
                                          msg->host,
                                          msg->msg));

I tried to remove the priority part:

  if (self->dest)
                  A_WRITE_STRING(&self->dest->buffer->super,
                                 c_format("%S %S %S\n",
                                          msg->date,
                                          msg->host,
                                          msg->msg));

but it won't compile:

-DHAVE_CONFIG_H -I. -I/usr/src/syslog-ng-1.4.14/src -I.     -O2 -Wall
-I/usr/src/libol-0.2.23/src -D_GNU_SOURCE -c afstreams.c
/usr/src/libol-0.2.23/utils/make_class <afprogram.c >afprogram.c.xT
/bin/sh: /usr/src/libol-0.2.23/utils/make_class: No such file or
directory
make[3]: *** [afprogram.c.x] Error 127
make[3]: Leaving directory `/usr/src/syslog-ng-1.4.14/src'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/usr/src/syslog-ng-1.4.14/src'
make[1]: *** [all-recursive-am] Error 2
make[1]: Leaving directory `/usr/src/syslog-ng-1.4.14/src'
make: *** [all-recursive] Error 1

I would really like to ditch the priority info, but if not, can't I at
least format the entry like you can with printf() to keep a leading zero
when it's a single digit priority? I don't know where c_format() is
defined, and if it will accept formatting like this.

I suck at C and don't want to have to rewrite this db entry program, I'd
have to do it in Perl, and it would be much harder for me than simply
modifying syslog-ng a little.

TIA,
-- 
Nate Campi        http://www.campin.net        GnuPG key: 0xC17AEF79   
Key fingerprint = BF12 722F 8799 E614 33CC  FAB7 5A90 C464 C17A EF79

If I had a ( for every $ the government spent, what would I have?
Typical unix response:   Too many ('s.